Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/74bd35-0aa8-4718-8900-ccbb6e90a19b/1/qxkGe1Ztq8AC8Xy-vkslbb-4Yjc.roa
File: qxkGe1Ztq8AC8Xy-vkslbb-4Yjc.roa (raw, json)
Hash identifier: Vk6as9yIInb4okYrwyyw/9HVRxpOcsbPGA6Y1uEJnuU=
Subject key identifier: AB:19:06:7B:56:6D:AB:C0:02:F1:7C:BE:BE:4B:25:6D:BF:B8:62:37
Certificate issuer: /CN=9e475c9202606e6667e94a779e903db697a59025
Certificate serial: 019503CB64B2D1B80D630F4BFA5EE9A9F53D
Authority key identifier: 9E:47:5C:92:02:60:6E:66:67:E9:4A:77:9E:90:3D:B6:97:A5:90:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkdckgJgbmZn6Up3npA9tpelkCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/74bd35-0aa8-4718-8900-ccbb6e90a19b/1/qxkGe1Ztq8AC8Xy-vkslbb-4Yjc.roa
Signing time: Fri 14 Feb 2025 09:30:16 +0000
ROA not before: Fri 14 Feb 2025 09:30:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214837
IP address blocks: 193.53.35.0/24 maxlen: 24
193.53.82.0/24 maxlen: 24
2a14:57c0::/29 maxlen: 29
2a14:57c0:e::/48 maxlen: 48
2a14:57c0:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/74bd35-0aa8-4718-8900-ccbb6e90a19b/1/nkdckgJgbmZn6Up3npA9tpelkCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/74bd35-0aa8-4718-8900-ccbb6e90a19b/1/nkdckgJgbmZn6Up3npA9tpelkCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/nkdckgJgbmZn6Up3npA9tpelkCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:03:cb:64:b2:d1:b8:0d:63:0f:4b:fa:5e:e9:a9:f5:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e475c9202606e6667e94a779e903db697a59025
Validity
Not Before: Feb 14 09:30:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab19067b566dabc002f17cbebe4b256dbfb86237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3e:68:36:1a:83:6a:c2:81:2e:cc:6f:5a:8a:
9f:de:ce:6c:b1:b5:e5:df:13:ef:7b:c1:be:b4:da:
0a:87:c9:09:4d:6d:e4:e6:35:59:7e:d0:c7:a9:3c:
75:c0:55:aa:87:71:63:07:12:70:05:cf:b0:7c:51:
c1:83:5c:16:31:4c:aa:44:a7:29:7f:14:59:d5:65:
c0:da:38:7d:1b:bb:33:f2:0d:55:45:f7:5a:10:92:
56:20:aa:a7:7c:e0:60:03:c9:4c:56:9c:0a:b1:0e:
84:40:5d:f1:e9:72:83:90:c5:64:4c:fb:28:60:e1:
92:0a:4a:23:c4:de:73:26:98:b7:73:75:34:ac:fa:
a2:78:e4:f0:ce:67:35:fa:36:8c:93:9b:31:8a:90:
b2:ec:7a:c1:22:b6:62:aa:d1:92:76:2a:d0:e0:bc:
f9:7b:8a:2d:ee:1f:1f:98:1a:ba:c0:90:c7:cb:a3:
9f:2c:77:92:9b:69:52:a7:0c:e7:3b:81:2c:4b:cd:
d9:d9:69:73:32:d8:4f:2e:c4:82:c5:e1:8c:47:33:
aa:be:e3:5c:42:2a:60:83:13:11:79:6d:68:94:93:
e7:1b:f5:ad:57:35:56:61:41:54:6a:21:98:8b:09:
3c:bd:b0:3f:6e:7a:39:8d:d8:68:a3:70:75:98:dd:
04:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:19:06:7B:56:6D:AB:C0:02:F1:7C:BE:BE:4B:25:6D:BF:B8:62:37
X509v3 Authority Key Identifier:
keyid:9E:47:5C:92:02:60:6E:66:67:E9:4A:77:9E:90:3D:B6:97:A5:90:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkdckgJgbmZn6Up3npA9tpelkCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74bd35-0aa8-4718-8900-ccbb6e90a19b/1/qxkGe1Ztq8AC8Xy-vkslbb-4Yjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74bd35-0aa8-4718-8900-ccbb6e90a19b/1/nkdckgJgbmZn6Up3npA9tpelkCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.35.0/24
193.53.82.0/24
IPv6:
2a14:57c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:b0:05:53:41:57:46:35:f0:66:6d:24:b2:cc:33:8b:6b:ab:
9f:1d:18:e4:38:7a:cd:c3:e8:6a:37:9d:dd:82:0d:aa:54:0c:
7a:7c:3d:0f:56:4f:43:66:db:c1:f2:d5:9d:7f:5e:60:75:90:
c7:2a:3f:88:c1:2e:b6:69:a9:08:a1:23:2e:79:3c:db:28:4e:
d9:6b:1e:8d:fd:51:de:d7:d6:44:62:07:48:35:4f:a6:be:c9:
8e:c6:d4:ea:f1:c9:41:61:24:26:49:0a:8c:6e:ff:a6:49:37:
19:83:75:96:46:30:9d:0e:d9:97:db:41:37:f7:56:b9:c2:8e:
05:ea:05:cd:00:7a:16:67:30:f3:1e:f5:9e:86:a0:12:e0:53:
06:3c:7b:2f:44:85:2e:5d:82:4e:1b:68:10:b6:b8:5b:44:5e:
f0:36:ca:ef:a6:28:34:88:86:6c:20:5a:74:01:5b:d1:72:75:
06:65:dc:b6:6b:99:1d:11:c2:0d:5b:85:d7:e0:c3:91:bf:cc:
f9:f9:48:e7:51:58:95:c5:04:46:b5:f2:78:50:9b:b7:02:38:
f8:4f:cd:f0:9a:a1:50:b0:76:7a:83:60:4a:dd:4f:76:9c:fa:
81:2a:53:d7:58:55:ec:97:d8:e8:db:6a:f5:dd:0e:f9:2c:09:
c5:06:62:d3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZUDy2Sy0bgNYw9L+l7pqfU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDc1YzkyMDI2MDZlNjY2N2U5NGE3NzllOTAzZGI2OTdh
NTkwMjUwHhcNMjUwMjE0MDkzMDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjE5MDY3YjU2NmRhYmMwMDJmMTdjYmViZTRiMjU2ZGJmYjg2MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj5oNhqDasKBLsxvWoqf3s5ssbXl
3xPve8G+tNoKh8kJTW3k5jVZftDHqTx1wFWqh3FjBxJwBc+wfFHBg1wWMUyqRKcp
fxRZ1WXA2jh9G7sz8g1VRfdaEJJWIKqnfOBgA8lMVpwKsQ6EQF3x6XKDkMVkTPso
YOGSCkojxN5zJpi3c3U0rPqieOTwzmc1+jaMk5sxipCy7HrBIrZiqtGSdirQ4Lz5
e4ot7h8fmBq6wJDHy6OfLHeSm2lSpwznO4EsS83Z2WlzMthPLsSCxeGMRzOqvuNc
QipggxMReW1olJPnG/WtVzVWYUFUaiGYiwk8vbA/bno5jdhoo3B1mN0EcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKsZBntWbavAAvF8vr5LJW2/uGI3MB8GA1UdIwQY
MBaAFJ5HXJICYG5mZ+lKd56QPbaXpZAlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtkY2tnSmdibVpuNlVwM25wQTl0cGVsa0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83NGJkMzUtMGFhOC00NzE4LTg5MDAt
Y2NiYjZlOTBhMTliLzEvcXhrR2UxWnRxOEFDOFh5LXZrc2xiYi00WWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83NGJkMzUtMGFhOC00NzE4LTg5MDAtY2NiYjZlOTBhMTli
LzEvbmtkY2tnSmdibVpuNlVwM25wQTl0cGVsa0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwTUjAwQA
wTVSMA0EAgACMAcDBQMqFFfAMA0GCSqGSIb3DQEBCwUAA4IBAQCPsAVTQVdGNfBm
bSSyzDOLa6ufHRjkOHrNw+hqN53dgg2qVAx6fD0PVk9DZtvB8tWdf15gdZDHKj+I
wS62aakIoSMueTzbKE7Zax6N/VHe19ZEYgdINU+mvsmOxtTq8clBYSQmSQqMbv+m
STcZg3WWRjCdDtmX20E391a5wo4F6gXNAHoWZzDzHvWehqAS4FMGPHsvRIUuXYJO
G2gQtrhbRF7wNsrvpig0iIZsIFp0AVvRcnUGZdy2a5kdEcINW4XX4MORv8z5+Ujn
UViVxQRGtfJ4UJu3Ajj4T83wmqFQsHZ6g2BK3U92nPqBKlPXWFXsl9jo22r13Q75
LAnFBmLT
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:13 2025 by rpki-client